On Thu, 3 Dec 2020 09:58:16 GMT, Alan Bateman <[email protected]> wrote:
>> The attribute_length of known ModuleXXXX attributes in the module-info.class >> is currently ignored. It should be checked and the class rejected if the >> attribute length doesn't exactly match the length of the info in the >> attribute. >> >> There are several ways to fix this. I initially limited the reading of the >> attribute_info to the attribute length but this resulted in confusing >> exception messages as the attribute appears truncated. The exception >> messages are clearer when it checks that the attribute length corresponds to >> the number of bytes read. > > Alan Bateman has updated the pull request with a new target base due to a > merge or a rebase. The incremental webrev excludes the unrelated changes > brought in by the merge/rebase. The pull request contains 11 additional > commits since the last revision: > > - Restructure check to make it more obvious that it doesn't overflow > - Merge > - Merge > - Merge > - Trailing whitespace > - Expand test to Module attribute > - Merge > - Test cleanup > - Add test > - Merge > - ... and 1 more: > https://git.openjdk.java.net/jdk/compare/914dd7e9...f15dbb1b src/java.base/share/classes/jdk/internal/module/ModuleInfo.java line 1203: > 1201: @Override > 1202: public String readUTF() throws IOException { > 1203: return DataInputStream.readUTF(this); If i understand correctly the code, I believe readUTF should change a boolean field named `countCanNotBeTrackedAnymore` from false to true, and in the method `count()`, `countCanNotBeTrackedAnymore` has to be checked and throws an ISE before returning `count` ------------- PR: https://git.openjdk.java.net/jdk/pull/1407
